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DETAILED ACTION 

1 . The amendment filed on 30 July 2003 is noted and made of record. 

2. Claims 1 through 14 are presented for examination. 

Drawings 

3. Applicant is reminded that the Patent and Trademark Office no longer makes drawing 
changes and that it is applicant's responsibility to ensure that the drawings are corrected in 
accordance with the instructions set forth in Paper No. 5, mailed on 30 April 2003. 

Response to Arguments 

4. Applicant's arguments with respect to claims 1 through 13 have been considered but are 
moot in view of the new ground(s) of rejection. 

5. See further rejections that follow. 

Claim Rejections - 35 USC § 112 

6. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

7. Regarding claims 1 through 5 and 8, the phrase "such as" renders the claim indefinite 
because it is unclear whether the limitations following the phrase are part of the claimed 
invention. See MPEP § 2173.05(d). 

Claim Rejections - 35 USC § 103 

8. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

9. Claims 1 through 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. 
Patent No. 6,449,272 to Chuah et al., hereinafter Chuah, in lieu obviousness. 
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10. As per claim 1, Chuah teaches a method for connecting a first user terminal of a first 
virtual private network to a second user terminal of a second virtual private network, over a 
network such as the internet, said network having a plurality of user terminals and a plurality of 
network access servers each of the plurality of user terminals being coupled to a respective 
network access server of the plurality of network access servers comprising: 

a. making a connection of said second user terminal to a first network access server, 
wherein said first network access server is said respective network access server of said second 
user terminal (Figures 1 [blocks 1, 105, 115], 8 [blocks 805, 811, 814, 819], 12 [blocks 805, 874, 
881, 91 1]; column 3, lines 9-22; column 8, lines 31-51; column 11, lines 20-40); 

b. in response to said connection of said second user terminal, sending connection 
information from said first network access server to a subscriber data server included in said 
network and coupled to each of said plurality of network access servers (Figures 1 [block 135], 8 
[block 135], 12 [block 935]; column 3, lines 3-8; column 5, line 63 to column 6, line 4; Tables 1- 

4); 

c. updating a database of the subscriber data server based on the connection information 
(column 4, lines 20-25; column 4, lines 43-49; column 5, lines 12-17; column 5, lines 33-45; 
Tables 1-4); 

d. upon an incoming request of communication from said first user terminal to said 
second user terminal said subscriber data server locating said respective network access server 
connected to said second user terminal and notifying said second user terminal based on said 
request of communication from said first user terminal (column 7, lines 25-30; column 7, line 60 
to column 8, line 18); 
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e. switching said second user terminal from said second virtual private network to said 
first virtual private network in response to said locating (Figures 8, 9, 1 1, 12; column 8, line 52 
to column 9, line 9; column 11, lines 20-52). It would have been obvious to one of ordinary skill 
in the art at the time the invention was made to provide the network server with a database of 
connection information. One of ordinary skill in the art would acknowledge that Chuah teaches 
updating user information, particularly in columns 4 and 5, albeit on what he refers to as an 
anchor. Therefore, one of ordinary skill in the art would realize the benefits of shifting the 
database to a centralized server, as every network access server has access to the network server, 
much like every server has access to the subscriber data server in the instant application. See 
MPEP § 2144.04; see also//! reJapikse, 181 F.2d 1019, 1023, 86 USPQ 70, 73 (CCPA 1950). It 
would still be further obvious to one of ordinary skill in the art at the time the invention was 
made to switch the user terminal from one VPN to another in response to locating the user 
terminal. In the case of the Chuah invention, this is pertinent to the mobile point-to-point 
protocol, inasmuch that Chuah states that the remote user establishes a VPN with the corporate 
network (column 9, lines 31-65). In order to maintain the VPN connection, Chuah elaborates on 
the hand-off procedure, which incorporates the mobile user switching from one VPN session to 
another. 

1 1 . Regarding claim 2, Chuah teaches wherein: 

said incoming request of communication is an incoming call request from said first user 
terminal and is handled by said subscriber data server (column 7, line 25 to column 8, line 2); 
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said locating includes searching in said database of said subscriber data server for 
connection information of said second user terminal (Figure 10 [block 435]; column 9, line 58 to 
column 10, line 7; Table 4); 

said subscriber data server uses said connection information to determine said virtual 
private network and said respective network access server connected to said second user terminal 
(Figure 10 [block 435]; column 9, line 58 to column 10, line 7; Table 4); 

said subscriber data server indicates said incoming call request to said respective network 
access server connected to the second user terminal (column 7, line 25 to column 8, line 2); 

said respective network access server connected to the second user-terminal notifies said 
second user-terminal of said incoming call request (column 7, line 25 to column 8, line 2). It 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
provide the network server with call handling capabilities. One of ordinary skill in the art would 
acknowledge that Chuah teaches incoming call requests, particularly in column 7, albeit on what 
he refers to as an anchor. Therefore, one of ordinary skill in the art would realize the benefits of 
shifting the call handling capabilities to a centralized server, as every network access server has 
access to the network server, much like every server has access to the subscriber data server in 
the instant application. See MPEP § 2144.04; see also In reJapikse, 181 F.2d 1019, 1023, 86 
USPQ 70, 73 (CCPA 1950). 

12. Regarding claim 3, Chuah teaches wherein said step of notifying the second user 
terminal, based on said requesting of the communication from said first user-terminal is 
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performed over a transparent connection between the subscriber data server and the second user 
terminal via said first network access server (column 7, line 25 to column 8, line 2). 

13. Regarding claim 4, Chuah teaches comprising, before step d, the steps of: 
receiving the incoming call request of the first user terminal at the respective network 

access server connected to the first user-terminal (column 7, line 25 to column 8, line 2); and 
said respective network access server connected to the first user terminal sending the 
incoming call request of the first user terminal to the subscriber data server (column 7, line 25 to 
column 8, line 2). 

14. Regarding claim 5, Chuah teaches further comprising before step d, sending said 
incoming call request of the first user terminal over a transparent connection between the first 
user terminal and the subscriber data server via the network access server connected to the first 
user-terminal (column 7, line 25 to column 8, line 2). 

15. As per claim 6, Chuah teaches a network access server for enabling a connection over a 
network between two user terminals of two different virtual private networks each of said of user 
terminals coupled to a respective network access server comprising: 

switch notification reception means for receiving a request, from one of said user 
terminals, to initiate a switch-over of a connection from one of said virtual private networks to 
the other (Figure 9; column 8, line 52 to column 9, line 20); 
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switching means, coupled with said switch notification reception means, performing said 
switch-over (Figures 9, 10; column 9, lines 10-20); and 

user terminal connect notification sending means, coupled with said switching means, for 
sending connection information to a subscriber data server, upon the connecting of one of said 
user terminals to said network access server and upon said switch-over of said connection of one 
of said user terminals from the one of the virtual private network to the other (Figure 10; column 
9, lines 21-49). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to provide the network server with connection notification means. One of 
ordinary skill in the art would acknowledge that Chuah teaches connection notification means, 
particularly in column 9, albeit on what he refers to as an anchor. Therefore, one of ordinary 
skill in the art would realize the benefits of shifting the connection notification means to a 
centralized server, as every network access server has access to the network server, much like 
every server has access to the subscriber data server in the instant application. See MPEP § 
2144.04; see also In reJapikse, 181 F.2d 1019, 1023, 86 USPQ 70, 73 (CCPA 1950). 

16. With regards to claims 7 and 9, Chuah teaches further comprising: 

connection establishment request reception means for receiving from said subscriber data 

server a connection request to establish the connection between said two user terminals (column 

7, line 25 to column 8, line 18); and 

connection establishment request sending means, coupled with said connection 

establishment requesting reception means, for notifying one of said user terminals about an 

incoming call from another of said user terminals (column 7, line 25 to column 8, line 18). 
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17. As per claim 8, Chuah teaches a network access server, defined as a second network 
access server, intended for use in a network operating according to a method for connecting a 
first user terminal of a first virtual private network to a second user terminal of a second virtual 
private network, said network being a network such as the internet, said network having a 
plurality of user terminals and a plurality of network access servers including said network 
access, server, each of said plurality of user terminals being coupled to a respective network 
access server of said plurality of network access servers, the network operating method 
comprising: 

a. making a connection of said second user terminal to a first network access server, 
wherein said first network access server is said respective network access server of said second 
user terminal (Figures 1 [blocks 1, 105, 115], 8 [blocks 805, 811, 814, 819], 12 [blocks 805, 874, 
881, 911]; column 3, lines 9-22; column 8, lines 31-51; column 11, lines 20-40); 

b. in response to said connection of said second user terminal, sending connection 
information from said first network access server to a subscriber data server included in said 
network and coupled to each of said plurality of network access servers (Figures 1 [block 135], 8 
[block 135], 12 [block 935]; column 3, lines 3-8; column 5, line 63 to column 6, line 4; Tables 1- 
4); 

c. updating a database of the subscriber data server based on the connection information 
(column 4, lines 20-25; column 4, lines 43-49; column 5, lines 12-17; column 5, lines 33-45; 
Tables 1-4); 


Application/Control Number: 09/666,388 Page 9 

Art Unit: 2131 

d. upon an incoming request of communication from said first user terminal to said 
second user terminal said subscriber data server locating said respective network access server 
connected to said second user terminal and notifying said second user terminal based on said 
request of communication from said first user terminal (column 7, lines 25-30; column 7, line 60 
to column 8, line 18); 

e. switching said second user terminal from said second virtual private network to said 
first virtual private network in response to said locating (Figures 8, 9, 1 1, 12; column 8, line 52 
to column 9, line 9; column 11, lines 20-52); 

wherein: 

said incoming request of communication is an incoming call request from said first user 
terminal and is handled by said subscriber data server (column 7, line 25 to column 8, line 2); 

said locating includes searching in said database of said subscriber data server for 
connection information of said second user terminal (Figure 10 [block 435]; column 9, line 58 to 
column 10, line 7; Table 4); 

said subscriber data server uses said connection information to determine said virtual 
private network and said respective network access server connected to said second user terminal 
(Figure 10 [block 435]; column 9, line 58 to column 10, line 7; Table 4); 

said subscriber data server indicates said incoming call request to said respective network 
access server connected to the second user terminal (column 7, line 25 to column 8, line 2); 

said respective network access server connected to the second user-terminal notifies said 
second user-terminal of said incoming call request (column 7, line 25 to column 8, line 2); 

wherein said second network access server comprises: 
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connection establishment request reception means adapted to receive a connection 
request from said first user terminal to establish said connection between said first user terminal 
connected to said first virtual private network and said second user terminal connected to said 
second virtual private network (column 8, lines 3-24); and 

connection establishment request sending means, coupled with an input to an output of 
said connection establishment requesting reception means, adapted to notify said subscriber data 
server about an incoming call from said first user terminal (column 8, lines 3-24). It would 
have been obvious to one of ordinary skill in the art at the time the invention was made to 
provide the network server with a database of connection information. One of ordinary skill in 
the art would acknowledge that Chuah teaches updating user information, particularly in 
columns 4 and 5, albeit on what he refers to as an anchor. Therefore, one of ordinary skill in the 
art would realize the benefits of shifting the database to a centralized server, as every network 
access server has access to the network server, much like every server has access to the 
subscriber data server in the instant application. See MPEP § 2144.04; see also In re Japikse, 
181 F.2d 1019, 1023, 86 USPQ 70, 73 (CCPA 1950). It would still be further obvious to one of 
ordinary skill in the art at the time the invention was made to switch the user terminal from one 
VPN to another in response to locating the user terminal. In the case of the Chuah invention, this 
is pertinent to the mobile point-to-point protocol, inasmuch that Chuah states that the remote user 
establishes a VPN with the corporate network (column 9, lines 31-65). In order to maintain the 
VPN connection, Chuah elaborates on the hand-off procedure, which incorporates the mobile 
user switching from one VPN session to another. It would have been obvious to one of ordinary 
skill in the art at the time the invention was made to provide the network server with call 
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handling capabilities. One of ordinary skill in the art would acknowledge that Chuah teaches 
incoming call requests, particularly in column 7, albeit on what he refers to as an anchor. 
Therefore, one of ordinary skill in the art would realize the benefits of shifting the call handling 
capabilities to a centralized server, as every network access server has access to the network 
server, much like every server has access to the subscriber data server in the instant application. 
See MPEP§ 2144.04; see also In re Japikse, 181 F.2d 1019, 1023, 86 USPQ 70, 73 (CCPA 
1950). 

18. As per claim 10, Chuah teaches a subscriber data server, intended for use in a network 
having user terminals communicating with respective network access servers, wherein the 
network access servers communicate with the subscriber data server, and wherein some of the 
user terminals are in different virtual private networks, the subscriber data server comprising: 

a connection information database (column 4, lines 20-25; column 4, lines 43-49; column 
5, lines 12-17; column 5, lines 33-45; Tables 1-4); 

user terminal connect notification reception means, adapted to receive connection 
information upon the connection of one of the user terminals to one of the network access servers 
(Figure 10; column 9, lines 21-49); 

user terminal connect notification updating means, coupled with the user terminal 
connect notification reception means, for updating the connection information database based on 
the connection information (column 4, lines 20-25; column 4, lines 43-49; column 5, lines 12-17; 
column 5, lines 33-45; Tables 1-4); 
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connection establishment request reception means, for receiving a connection request, 
from a first one of the user terminals a first one of the virtual private networks, to establish a 
connection with a second one of the user terminals in a second one of the virtual private 
networks (column 7, line 25 to column 8, line 24); 

connection information searching means, coupled with the connection establishment 
request reception means, for searching in the connection information database for connection 
information of the second user terminal (column 9, line 58 to column 10, line 7); and 

connection establishment request sending means, coupled with the connection 
information searching means, for notifying the user terminal about an incoming call from said 
first user terminal, according to the connection information of the second user terminal (column 
7, line 25 to column 8, line 24). It would have been obvious to one of ordinary skill in the art at 
the time the invention was made to provide the network server with a database of connection 
information. One of ordinary skill in the art would acknowledge that Chuah teaches updating 
user information, particularly in columns 4 and 5, albeit on what he refers to as an anchor. 
Therefore, one of ordinary skill in the art would realize the benefits of shifting the database to a 
centralized server, as every network access server has access to the network server, much like 
every server has access to the subscriber data server in the instant application. See MPEP § 
2144.04; see also In reJapikse, 181 F.2d 1019, 1023, 86USPQ 70, 73 (CCPA 1950). 
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19. As per claim 1 1 , Chuah teaches a user terminal intended for use in a network having user 
terminals communicating with respective network access servers, wherein the network access 
servers communicate with a subscriber data server, and wherein some of the user terminals are in 
different virtual private networks, the user terminal comprising: 

connection establishment request reception means for receiving, from the respective 
network access server of the user terminal, a connection request of a different user terminal from 
a different virtual private network to establish a connection to the user terminal (column 7, line 
25 to column 8, line 18; column 8, lines 52 to column 9 line 20); 

incoming call handling means, coupled with the connection establishment request 
reception means, for handling the connection request from the different user terminal (column 7, 
line 25 to column 8, line 2); and 

switch requesting means, coupled with the incoming call handling means, for requesting 
the respective network access server to switch the connection of the user terminal from a current 
virtual private network to a different virtual private network of the different user terminal 
(column 8, lines 52 to column 9 line 20). It would still be further obvious to one of ordinary skill 
in the art at the time the invention was made to switch the user terminal from one VPN to 
another in response to locating the user terminal. In the case of the Chuah invention, this is 
pertinent to the mobile point-to-point protocol, inasmuch that Chuah states that the remote user 
establishes a VPN with the corporate network (column 9, lines 3 1-65). In order to maintain the 
VPN connection, Chuah elaborates on the hand-off procedure, which incorporates the mobile 
user switching from one VPN session to another. 
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20. As per claim 12, Chuah teaches a software module for running on a processing system for 
inclusion in a subscriber data server intended for use in a network having user terminals 
communicating with respective network access servers, wherein the network access servers 
communicate with the subscriber data server, and wherein some of the user terminals are in 
different virtual private networks, the software module comprising: 

a user terminal connect notification reception sub-module, adapted to receive connection 
information, upon connection of any of the user terminals to any one of the network access 
servers (Figure 10; column 9, lines 21-49); 

a user terminal connect notification updating sub-module, cooperating with the user 
terminal connect notification reception sub-module, and adapted to update a connection 
information database based on the with the connection information (column 4, lines 20-25; 
column 4, lines 43-49; column 5, lines 12-17; column 5, lines 33-45; Tables 1-4); 

a connection establishment request reception sub-module, adapted to receive a 
connection request from a first one of the user terminals of one of the virtual private networks, to 
establish a connection with a second of one of the user terminals of a different one of the virtual 
private networks (column 7, line 25 to column 8, line 24); 

a connection information searching sub-module, cooperating with the connection 
establishment request reception sub-module, and adapted to search the connection information 
database for connection information of the second user terminal (column 9, line 58 to column 10, 
line 7); and 

a connection establishment request sending sub-module, cooperating with the connection 
information searching sub-module, and adapted to notify the second user terminal about the 
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incoming call from the first user terminal (column 7, line 25 to column 8, line 24). It would have 
been obvious to one of ordinary skill in the art at the time the invention was made to provide the 
network server with a database of connection information. One of ordinary skill in the art would 
acknowledge that Chuah teaches updating user information, particularly in columns 4 and 5, 
albeit on what he refers to as an anchor. Therefore, one of ordinary skill in the art would realize 
the benefits of shifting the database to a centralized server, as every network access server has 
access to the network server, much like every server has access to the subscriber data server in 
the instant application. See MPEP § 2144.04; see also/« reJapikse, 181 F.2d 1019, 1023, 86 
USPQ 70, 73 (CCPA 1950). 

21 . As per claim 13, Chuah teaches a software module intended for use in a given user 
terminal of a network having user terminals communicating with respective network access 
servers, wherein the network access servers communicate with a subscriber data server, and 
wherein some of the user terminals are in different virtual private networks, the software module 
comprising: 

a connection establishment request reception sub-module, adapted to receive from the 
respective network access server a connection request, of a different user terminal via to 
establish a connection to the given user terminal (column 7, line 25 to column 8, line 18; column 
8, lines 52 to column 9 line 20); 

an incoming call handling sub-module, cooperating with the connection establishment 
request reception sub-module and adapted to handle the connection request (column 7, line 25 to 
column 8, line 2); 


Application/Control Number: 09/666,388 Page 16 

Art Unit: 2131 

a switch requesting sub-module, cooperating with the incoming call handling sub- 
module, and adapted to request the respective network access server of a given user terminal to 
switch the connection of the given user terminal from a current virtual private network to the 
different virtual private network of the different user terminal (column 8, lines 52 to column 9 
line 20). It would still be further obvious to one of ordinary skill in the art at the time the 
invention was made to switch the user terminal from one VPN to another in response to locating 
the user terminal. In the case of the Chuah invention, this is pertinent to the mobile point-to- 
point protocol, inasmuch that Chuah states that the remote user establishes a VPN with the 
corporate network (column 9, lines 31-65). In order to maintain the VPN connection, Chuah 
elaborates on the hand-off procedure, which incorporates the mobile user switching from one 
VPN session to another. 

22. Regarding claim 14, Chuah teaches wherein step e further comprises: 

a. said second user terminal initiating and controlling a switch-over of said connection of 
said second user terminal from said second virtual private network to said first virtual private 
network (Figure 9; column 8, line 52 to column 9, line 20); 

b. said first network access server switching said connection of said second user terminal 
from said second virtual private network to said first virtual private network (Figures 8, 9, 1 1, 
12; column 8, line 52 to column 9, line 9; column 11, lines 20-52); and, 

c. upon switch-over of said connection of said second user terminal from said second 
virtual private network to said first virtual private network, sending connection information from 
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said first network access server to said subscriber data server (column 4, lines 20-25; column 4, 
lines 43-49; column 5, lines 12-17; column 5, lines 33-45; Tables 1-4). 

Conclusion 

23. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

24. A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

26. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christian La Forgia whose telephone number is (703) 305-7704. 
The examiner can normally be reached on Monday thru Thursday 7-5. 

27. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (703) 305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is (703) 746-7240. 

28. Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 305-3900. 
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